Re: Where to store configurable secrets? In group-readable etc/app.conf ?
- In reply to: Pat Maddox: "Where to store configurable secrets? In group-readable etc/app.conf ?"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 18 May 2022 15:29:52 UTC
On 2022-05-18 01:26, Pat Maddox wrote: > I am working on an app that reads database credentials from DATABASE_URL env > var. > I've got an rc script that starts it up fine. I want to double-check how I > should > be configuring it: I have put it in /usr/local/etc/myapp.conf chmod 770. That ought to be 0644 or 644 depending on other things, even 640 > > Is that right, or is there some other mechanism for setting secret env vars > for rc scripts? Have a look at some other ports that need to set these sorts of things up; php, mysql, knot, unbound, etc... > > Pat HTH Chris